corda/common/inc/sgx_ukey_exchange.h
Angie Chinchilla 9441de4c38 Initial release of Intel SGX for Linux.
This release is used in conjunction with the linux-sgx-driver Initial release:
https://github.com/01org/linux-sgx-driver
commit-id: 0e865ce5e6b297a787bcdc12d98bada8174be6d7

Intel-id: 33399

Signed-off-by: Angie Chinchilla <angie.v.chinchilla@intel.com>
2016-06-23 18:51:53 -04:00


/*
* Copyright (C) 2011-2016 Intel Corporation. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _SGX_UKEY_EXCHANGE_H_
#define _SGX_UKEY_EXCHANGE_H_
#include "sgx_eid.h"
#include "sgx_defs.h"
#include "sgx_key_exchange.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
 * Function-pointer type of the argument that sgx_ra_get_msg1 takes as
 * p_get_ga: the untrusted-side ECALL proxy for sgx_ra_get_ga generated by
 * sgx_edger8r.
 *
 * @param eid     Enclave ID handed to the proxy.
 * @param retval  Status slot written through the proxy.
 *                NOTE(review): by the usual sgx_edger8r proxy convention the
 *                returned sgx_status_t reports whether the ECALL itself
 *                completed, while *retval carries the trusted function's own
 *                status; a caller has to check both - confirm against the
 *                generated proxy.
 * @param context Remote attestation context (sgx_ra_context_t).
 * @param g_a     Not const-qualified; presumably the output that receives the
 *                enclave's EC public key - confirm.
 */
typedef sgx_status_t (* sgx_ecall_get_ga_trusted_t)(
sgx_enclave_id_t eid,
sgx_status_t* retval,
sgx_ra_context_t context,
sgx_ec256_public_t *g_a);
/*
 * Function-pointer type of the argument that sgx_ra_proc_msg2 takes as
 * p_proc_msg2: the untrusted-side ECALL proxy for sgx_ra_proc_msg2_trusted
 * generated by sgx_edger8r.
 *
 * @param eid         Enclave ID handed to the proxy.
 * @param retval      Status slot written through the proxy.
 *                    NOTE(review): presumably the trusted function's own
 *                    status, separate from the proxy's return value - check
 *                    both; confirm against the generated proxy.
 * @param context     Remote attestation context (sgx_ra_context_t).
 * @param p_msg2      Message 2, read-only (const). This signature carries no
 *                    length for it; sgx_ra_proc_msg2 receives msg2_size
 *                    separately.
 *                    NOTE(review): how many bytes the proxy copies into the
 *                    enclave is decided by the EDL, which is not visible
 *                    here - confirm.
 * @param p_qe_target Read-only (const) target info; presumably that of the
 *                    quoting enclave - confirm.
 * @param p_report    Not const-qualified; presumably the report produced for
 *                    p_qe_target - confirm.
 * @param nonce       Not const-qualified; direction is not visible here -
 *                    confirm.
 */
typedef sgx_status_t (* sgx_ecall_proc_msg2_trusted_t)(
sgx_enclave_id_t eid,
sgx_status_t* retval,
sgx_ra_context_t context,
const sgx_ra_msg2_t *p_msg2,
const sgx_target_info_t *p_qe_target,
sgx_report_t *p_report,
sgx_quote_nonce_t* nonce);
/*
 * Function-pointer type of the argument that sgx_ra_proc_msg2 takes as
 * p_get_msg3: the untrusted-side ECALL proxy for sgx_ra_get_msg3_trusted
 * generated by sgx_edger8r.
 *
 * @param eid        Enclave ID handed to the proxy.
 * @param retval     Status slot written through the proxy.
 *                   NOTE(review): presumably the trusted function's own
 *                   status, separate from the proxy's return value - check
 *                   both; confirm against the generated proxy.
 * @param context    Remote attestation context (sgx_ra_context_t).
 * @param quote_size Size of the quote, as a 32-bit count.
 * @param qe_report  Not const-qualified; presumably the quoting enclave's
 *                   report - confirm.
 * @param p_msg3     Message 3 buffer.
 * @param msg3_size  Presumably the size in bytes of the buffer at p_msg3;
 *                   how it must relate to quote_size is not visible here -
 *                   confirm.
 */
typedef sgx_status_t (* sgx_ecall_get_msg3_trusted_t)(
sgx_enclave_id_t eid,
sgx_status_t* retval,
sgx_ra_context_t context,
uint32_t quote_size,
sgx_report_t* qe_report,
sgx_ra_msg3_t *p_msg3,
uint32_t msg3_size);
/*
 * sgx_ra_get_msg1 is used to get the remote attestation and key exchange
 * protocol message 1 to send to a service provider. The application enclave
 * must first call sgx_ra_init to create the remote attestation and key
 * exchange process context and return it to the untrusted code; only then
 * can the untrusted code invoke this function.
 *
 * @param context  Context returned by the sgx_ra_init function inside the
 *                 application enclave.
 * @param eid      ID of the application enclave which is going to be
 *                 attested.
 * @param p_get_ga Function pointer of the ECALL proxy sgx_ra_get_ga
 *                 generated by sgx_edger8r. The application enclave should
 *                 link with sgx_tkey_exchange library and import
 *                 sgx_tkey_exchange.edl in the enclave's EDL file to
 *                 expose the ECALL proxy for sgx_ra_get_ga.
 * @param p_msg1   Message 1 used by the remote attestation and key
 *                 exchange protocol.
 *                 NOTE(review): presumably an output that must point to
 *                 caller-owned storage for one sgx_ra_msg1_t - confirm.
 * @return sgx_status_t
 *   SGX_SUCCESS                    Indicates success.
 *   SGX_ERROR_INVALID_PARAMETER    Invalid input parameters detected.
 *   SGX_ERROR_AE_INVALID_EPIDBLOB  The EPID blob is corrupted.
 *   SGX_ERROR_INVALID_STATE        SGX API is invoked in incorrect order or
 *                                  state.
 *   SGX_ERROR_EPID_MEMBER_REVOKED  The EPID group membership was revoked.
 *   SGX_ERROR_BUSY                 The requested service is temporarily not
 *                                  available.
 *   SGX_ERROR_UPDATE_NEEDED        SGX needs to be updated.
 *   SGX_ERROR_SERVICE_UNAVAILABLE  The AE service did not respond.
 *   SGX_ERROR_SERVICE_TIMEOUT      A request to the AE service timed out.
 *   SGX_ERROR_NETWORK_FAILURE      A network connection or proxy setting
 *                                  issue was encountered.
 *   SGX_ERROR_OUT_OF_MEMORY        There is not enough memory available to
 *                                  complete this operation.
 *   SGX_ERROR_UNEXPECTED           An unexpected error occurred.
 *   Other return codes from sgx_ecall are possible, so this list is not
 *   exhaustive: treat every value other than SGX_SUCCESS as a failure and do
 *   not send p_msg1 to the service provider in that case.
 */
sgx_status_t SGXAPI sgx_ra_get_msg1(
sgx_ra_context_t context,
sgx_enclave_id_t eid,
sgx_ecall_get_ga_trusted_t p_get_ga,
sgx_ra_msg1_t *p_msg1);
/*
 * sgx_ra_proc_msg2 is used to process the remote attestation and key exchange
 * protocol message 2 from the service provider and generate message 3 to send
 * to the service provider. If the service provider accepts message 3,
 * negotiated session keys between the application enclave and the service
 * provider are ready for use. The application enclave can use sgx_ra_get_keys
 * function to retrieve the negotiated keys and use sgx_ra_close function to
 * release the context of the remote attestation and key exchange process.
 *
 * SGX_SUCCESS from this function therefore only means that message 3 was
 * generated; it says nothing about whether the service provider accepted it.
 *
 * @param context     Context returned by the sgx_ra_init function inside the
 *                    application enclave.
 * @param eid         ID of the application enclave which is going to be
 *                    attested.
 * @param p_proc_msg2 Function pointer of the ECALL proxy
 *                    sgx_ra_proc_msg2_trusted generated by sgx_edger8r. The
 *                    application enclave should link with sgx_tkey_exchange
 *                    library and import the sgx_tkey_exchange.edl in the
 *                    application enclave's EDL file to expose the ECALL
 *                    proxy for sgx_ra_proc_msg2_trusted.
 * @param p_get_msg3  Function pointer of the ECALL proxy
 *                    sgx_ra_get_msg3_trusted generated by sgx_edger8r. The
 *                    application enclave should link with sgx_tkey_exchange
 *                    library and import the sgx_tkey_exchange.edl in the
 *                    application enclave's EDL file to expose the ECALL
 *                    proxy for sgx_ra_get_msg3_trusted.
 * @param p_msg2      sgx_ra_msg2_t message 2 from the service provider
 *                    received by application. Its content originates outside
 *                    this process.
 * @param msg2_size   The length of msg2 (in bytes). Pass the number of bytes
 *                    actually received for message 2.
 *                    NOTE(review): whether this function cross-checks
 *                    msg2_size against length fields inside the message is
 *                    not visible in this header - confirm.
 * @param pp_msg3     sgx_ra_msg3_t message 3 to be sent to the service
 *                    provider. The message buffer is allocated by the
 *                    sgx_ukey_exchange library. The caller should free the
 *                    buffer after use.
 *                    NOTE(review): the matching deallocator (presumably
 *                    free()) and the value of *pp_msg3 on failure are not
 *                    stated here - confirm, and initialise the pointer to
 *                    NULL before the call.
 * @param p_msg3_size The length of msg3 (in bytes).
 * @return sgx_status_t
 *   SGX_SUCCESS                    Indicates success.
 *   SGX_ERROR_INVALID_PARAMETER    Invalid input parameters detected.
 *   SGX_ERROR_AE_INVALID_EPIDBLOB  The EPID blob is corrupted.
 *   SGX_ERROR_INVALID_STATE        SGX API is invoked in incorrect order or
 *                                  state.
 *   SGX_ERROR_EPID_MEMBER_REVOKED  The EPID group membership was revoked.
 *   SGX_ERROR_INVALID_SIGNATURE    The signature is invalid.
 *   SGX_ERROR_MAC_MISMATCH         Indicates verification error for reports,
 *                                  sealed data, etc.
 *   SGX_ERROR_KDF_MISMATCH         Indicates key derivation function doesn't
 *                                  match.
 *   SGX_ERROR_BUSY                 The requested service is temporarily not
 *                                  available.
 *   SGX_ERROR_UPDATE_NEEDED        SGX needs to be updated.
 *   SGX_ERROR_SERVICE_UNAVAILABLE  The AE service did not respond.
 *   SGX_ERROR_SERVICE_TIMEOUT      A request to the AE service timed out.
 *   SGX_ERROR_NETWORK_FAILURE      A network connection or proxy setting
 *                                  issue was encountered.
 *   SGX_ERROR_OUT_OF_MEMORY        There is not enough memory available to
 *                                  complete this operation.
 *   SGX_ERROR_UNEXPECTED           An unexpected error occurred.
 *   Other return codes from sgx_ecall are possible, so this list is not
 *   exhaustive: treat every value other than SGX_SUCCESS as a failure of the
 *   attestation flow.
 */
sgx_status_t SGXAPI sgx_ra_proc_msg2(
sgx_ra_context_t context,
sgx_enclave_id_t eid,
sgx_ecall_proc_msg2_trusted_t p_proc_msg2,
sgx_ecall_get_msg3_trusted_t p_get_msg3,
const sgx_ra_msg2_t *p_msg2,
uint32_t msg2_size,
sgx_ra_msg3_t **pp_msg3,
uint32_t *p_msg3_size);
#ifdef __cplusplus
}
#endif
#endif